An organisation's database is a hugely, if not the, most valuable asset it owns. If access to Blackbaud hosted applications (in our case Raiser's Edge) could be limited to be from one, or a range, of I.P. addresses we could ensure that staff and volunteers could only access it via a secure VPN session though our systems. At present all one needs is the URL and log-on credentials to access from anywhere. Yes, we could restrict by only allowing access during defined times using the standard Windows user security settings but that fall's short of providing the solution I'm after.